US sanctions Chinese cyberespionage firm, saying it hacked US energy industry

Published Tue, Mar 26, 2024 · 12:15 AM

The US Treasury Department says the sanctions are on Wuhan Xiaoruizhi Science and Technology as well as on two Chinese nationals. PHOTO: REUTERS

DeeperDive is a beta AI feature. Refer to full articles for the facts.

THE US on Monday (Mar 25) imposed sanctions on a China-based firm it said was a Ministry of State Security front company, accusing it of serving as a cover for multiple malicious cyber operations and targeting US critical infrastructure.

The US Treasury Department in a statement said the sanctions were on Wuhan Xiaoruizhi Science and Technology as well as on two Chinese nationals. Treasury said this was part of an effort taken alongside the US Justice Department, FBI, State Department and the United Kingdom.

China state-sponsored malicious cyber actors remain one of the greatest and most persistent threats to US national security, the Treasury said. The cybersecurity industry has labelled such entities advanced persistent threats (APTs), and the government also uses that acronym.

Treasury said APT31 is a collection of Chinese intelligence officers working for the Hubei branch of China’s Ministry of State Security (MSS) who carry out cyberespionage campaigns on behalf of the state. Those same officers established a company, Wuhan Xiaoruizhi Science and Technology, to use as a front to carry out those campaigns, the Treasury said.

The Treasury said APT31 has targeted high-ranking US officials and their advisors, including at the White House, departments of Justice, Commerce, Treasury and State, members of Congress and others.

Wuhan Xiaoruizhi Science and Technology’s activity resulted in the surveillance of US and foreign politicians, foreign policy experts, academics, journalists, pro-democracy activists and others, the Treasury said, adding that in 2018 employees of the company carried out an APT31 malicious cyber operation on a Texas-based energy company.

China loosens cross-border data rules to ease business pressure

In the age of cyberwarfare, passive defence is a losing game. Preparedness, fuelled by self-knowledge and a keen understanding of adversaries, is a better strategy.

The art of cyberdefence

Lockbit and its affiliates have hacked some of the world’s largest organisations like Boeing and ICBC in recent months.

Lockbit cybercrime gang disrupted by international police operation

DECODING ASIA

Navigate Asia in
a new global order

Get the insights delivered to your inbox.

“The US is focused on both disrupting the dangerous and irresponsible actions of malicious cyber actors, as well as protecting our citizens and our critical infrastructure,” Treasury’s Under Secretary for Terrorism and Financial Intelligence, Brian Nelson, said in the statement.

“Through our whole-of-government approach and in close coordination with our British partners, Treasury will continue to leverage our tools to expose these networks and protect against these threats.” REUTERS

Decoding Asia newsletter: your guide to navigating Asia in a new global order. Sign up here to get Decoding Asia newsletter. Delivered to your inbox. Free.

Sanctions Cybersecurity US-China relations

Share with us your feedback on BT's products and services

Feedback